<?php
// Loaded the nesscaries parts for IPB
define( 'IPB_THIS_SCRIPT', 'public' );
define( 'IPB_LOAD_SQL'   , 'queries' );

// Make sure that this points to init.php in the root folder of IP.Board
require_once( '../../init.php' );

$INFO = array();

require_once ROOT_PATH   . "sources/ipsclass.php";
require_once ROOT_PATH   . "sources/classes/class_display.php";
require_once ROOT_PATH   . "sources/classes/class_session.php";
require_once ROOT_PATH   . "sources/classes/class_forums.php";
require_once KERNEL_PATH . "class_converge.php";
require_once ROOT_PATH   . "sources/market/ribbons.php";
require_once ROOT_PATH   . "sources/market/multiple_effects.php";
require_once ROOT_PATH   . "conf_global.php";

$ipsclass       = new ipsclass();
$ipsclass->vars = $INFO;

$Debug = new Debug;
$Debug->startTimer();

$ipsclass->init_db_connection();
$ipsclass->DB->set_debug_mode( 0 );
$ipsclass->parse_incoming();

$ipsclass->cache_array = array('systemvars','forum_cache','group_cache','settings','market_plugin','ibm_paypal_rate');
$ipsclass->init_cache_setup();
$ipsclass->init_load_cache( $ipsclass->cache_array );
$ipsclass->initiate_ipsclass();
$ipsclass->base_url = $ipsclass->vars['board_url'].'/index.'.$ipsclass->vars['php_ext'].'?';

// Validate Input
if(!preg_match("/[0-9a-f]{32}/",$_GET['key']))
{
	exit();
}

if(!is_array($ipsclass->cache['market_plugin'][$_GET['plugin']]))
{
	exit();
}
$settings = unserialize($ipsclass->cache['market_plugin'][$_GET['plugin']]['plugin_config']);

// Validate with Paypal
$post[] = 'cmd=_notify-validate';
		
foreach ($_POST as $key => $val)
{
	$post[] = $key . '=' . urlencode (stripslashes($val));
}

$errno = $errstr = null;

$verify = implode('&', $post);
$fp = fsockopen($settings['paypal_url'], 80, $errno, $errstr, 30);
if (!$fp)
{
	exit();
}
stream_set_timeout($fp, 30);

$header  = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($verify) . "\r\n\r\n";
fputs($fp, $header . $verify);
while (!feof($fp))
{
	$ret = fgets($fp, 1024);
}
fclose($fp);

$verified = (strcmp($ret, 'VERIFIED') == 0);
if(!$verified)
{
	exit();
}

if(strcmp($_POST['payment_status'], 'Completed'))
{
	exit();
}

$member_id = intval($_POST['custom']);
$member = $ipsclass->DB->build_and_exec_query(array('select'=>'*','from'=>'members','where'=>"id=".$member_id));
if(!$member)
{
	exit();
}
$salt = $ipsclass->DB->build_and_exec_query(array('select'=>'*','from'=>'members_converge','where'=>"converge_id=".$member_id));

$base64 = $_GET['rates'];
$key = md5($member['id'] . $base64 . $salt['converge_pass_salt'] . $salt['converge_pass_hash'] . $ipsclass->vars['sql_pass']);

if($_GET['key'] != $key)
{
	exit();
}

// Begin Script
$rates = base64_decode($base64);

$time = time();
$add_money = 0;
foreach(unserialize($rates) as $rate)
{
	$add_money += $rate['amount'] * $rate['money'];
}


$log = array();
$log['l_member'] = $member['id'];
$log['l_time'] = $time;
$log['l_rates_bought'] = $rates;
$log['l_test'] = $_POST['test_ipn'];
$log['l_paypal_key'] = $_POST['verify_sign'];
$log['l_transaction'] = $_POST['txn_type'];
$log['l_transaction_id'] = $_POST['txn_id'];
$log['l_first_name'] = $_POST['first_name'];
$log['l_last_name'] = $_POST['last_name'];
$log['l_business_email'] = $_POST['business'];
$log['l_payer_email'] = $_POST['payer_email'];
$log['l_payer_id'] = $_POST['payer_id'];
$log['l_payer_status'] = $_POST['payer_status'];
$log['l_reciever_email'] = $_POST['receiver_email'];
$log['l_reciever_id'] = $_POST['receiver_id'];
$log['l_real_money'] = $_POST['mc_gross'];
$log['l_real_fee'] = $_POST['mc_fee'];
$log['l_currency'] = $_POST['mc_currency'];
$log['l_payment_type'] = $_POST['payment_type'];
$log['l_payment_time'] = $_POST['payment_date'];
$log['l_payment_status'] = $_POST['payment_status'];
$log['l_money_got'] = $add_money;

$ipsclass->DB->do_insert('market_paypal_logs',$log);

$ipsclass->DB->do_update('members',array($ipsclass->vars['market_members_field']=>$member[$ipsclass->vars['market_members_field']]+$add_money),"id=".$member_id);
?>